133 Security Blogs

Last Updated: 10 Jun 25 08:49 UTC

Blog List | Github | OPML

2025-06-10

Synacktiv

Exploiting Heroes of Might and Magic V

Compass Security Blog

LinkedIn for OSINT: tips and tricks

2025-06-09

Schneier on Security

New Way to Track Covertly Android Users

Auth0

Offload Authentication and Clear the Way for Creativity

Auth0

Introducing Auth0’s Developer Experience Principles

Rapid7

5 Things Security Leaders Need to Know About Agentic AI

Rapid7

Navigating AWS Migration: Achieving Clarity and Confidence

Malwarebytes

How and where to report an online scam

Malwarebytes

Been scammed online? Here’s what to do

Malwarebytes

A week in security (June 1 – June 7)

Embrace The Red

Hosting COM Servers with an MCP Server

Troy Hunt

Weekly Update 455

Amazon Security

Building secure foundations: A guide to network and infrastructure security at AWS re:Inforce 2025

Dark Reading

New Trump Cybersecurity Order Reverses Biden, Obama Priorities

Dark Reading

OpenAI Bans ChatGPT Accounts Linked to Nation-State Threat Actors

Dark Reading

'Librarian Ghouls' Cyberattackers Strike at Night

Dark Reading

Gartner: How Security Teams Can Turn Hype Into Opportunity

Dark Reading

SIEMs Missing the Mark on MITRE ATT&CK Techniques

Dark Reading

Next-Gen Developers Are a Cybersecurity Powder Keg

Dark Reading

China-Backed Hackers Target SentinelOne in 'PurpleHaze' Attack Spree

Mend

What is AI Red Teaming?

Datadog HQ

Migrate historical logs from Splunk and Elasticsearch using Observability Pipelines

Palo Alto Networks

Securing AI Agent Innovation with Prisma AIRS MCP Server

2025-06-08

Ars Technica Security

Cybercriminals turn to “residential proxy” services to hide malicious traffic

2025-06-06

Schneier on Security

Friday Squid Blogging: Squid Run in Southern New England

Schneier on Security

Hearing on the Federal Government and AI

Schneier on Security

Report on the Malicious Uses of AI

Rapid7

Metasploit Wrap-up 06/06/25

Rapid7

Cultivating Growth and Development at Rapid7

Rapid7

India's Cyber Leaders Prepare for AI-Driven Threats

Malwarebytes

How to update Chrome on every operating system

Malwarebytes

OpenAI forced to preserve ChatGPT chats

Malwarebytes

Booking.com reservation abused as cybercriminals steal from travelers

SentinelOne

The Good, the Bad and the Ugly in Cybersecurity – Week 23

Hunt and Hackett

Cyber Risks in Agriculture: A Guide for Business Leaders

Amazon Security

2025 ISO and CSA STAR certificates now available with three new Regions

Amazon Security

How to use on-demand rotation for AWS KMS imported keys

Dark Reading

Cutting-Edge ClickFix Tactics Snowball, Pushing Phishing Forward

Dark Reading

F5 Acquires Agentic AI Security Startup Fletch

Dark Reading

BADBOX 2.0 Targets Home Networks in Botnet Campaign, FBI Warns

Dark Reading

Docuseries Explores Mental, Physical Hardships of CISOs

Dark Reading

Synthetic Data Is Here to Stay, but How Secure Is It?

Dark Reading

MSFT-CrowdStrike 'Rosetta Stone' for Naming APTs: Meh?

Dark Reading

Prep for Layoffs Before They Compromise Security

Ars Technica Security

Millions of low-cost Android devices turn home networks into crime platforms

Datadog HQ

Create rich, up-to-date visualizations of your AWS infrastructure with Cloudcraft in Datadog

Searchlight Cyber

Global Law Enforcement Takedown Disrupts Prolific Cybercrime Tool AVCheck

Searchlight Cyber

BidenCash Marketplace Seized by U.S. Law Enforcement

2025-06-05

Auth0

Auth0 and Amazon Web Services: The Secret Ingredients That Drive Fan Engagement

NVISO Labs

Intercepting traffic on Android with Mainline and Conscrypt

Malwarebytes

Pornhub, RedTube, and YouPorn block access in France, VPN use set to soar

Malwarebytes

Ransomware hiding in fake AI, business tools

Star Labs

Solo: A Pixel 6 Pro Story (When one bug is all you need)

Talos Intelligence

Everyone's on the cyber target list

Talos Intelligence

Newly identified wiper malware “PathWiper” targets critical infrastructure in Ukraine

Microsoft Security

Connect with us at the Gartner Security & Risk Management Summit

Microsoft Security

Meet the Deputy CISOs who help shape Microsoft’s approach to cybersecurity: Part 3

Eclypsium

BlackLotus UEFI Bootkit Patching & Mitigations

Eclypsium

SMM Callout Vulnerabilities in UEFI

Amazon Security

Many voices, one community: Three themes from RSA Conference 2025

Offensive Security

CVE-2025-24893 – Unauthenticated Remote Code Execution in XWiki via SolrSearch Macro

Dark Reading

SecOps Teams Need to Tackle AI Hallucinations to Improve Accuracy

Dark Reading

Digital Forensics Firm Cellebrite to Acquire Corellium

Dark Reading

'PathWiper' Attack Hits Critical Infrastructure In Ukraine

Dark Reading

Cisco Warns of Credential Vuln on AWS, Azure, Oracle Cloud

Dark Reading

Backdoored Malware Reels in Newbie Cybercriminals

Dark Reading

Questions Swirl Around ConnectWise Flaw Used in Attacks

Dark Reading

Finding Balance in US AI Regulation

Dark Reading

Iranian APT 'BladedFeline' Hides in Network for 8 Years

Dark Reading

Cybersecurity Training in Africa Aims to Bolster Professionals' Ranks

The Citizen Lab

Techno-Legal Internet Controls in Indonesia and Their Impact on Free Expression

Snyk

Snyk for Government Achieves FedRAMP Moderate Authorization: A Milestone for Secure Government Software

Snyk

Humans at the Center: Redefining the Role of Developers in an AI-Powered Future

Krebs on Security

Proxy Services Feast on Ukraine’s IP Address Exodus

TrustedSec

Full Disclosure, GraphGhost: Are You Afraid of Failed Logins?

Datadog HQ

Announcing Go tracer v2.0.0

Palo Alto Networks

GenAI's Impact — Surging Adoption and Rising Risks in 2025

2025-06-04

Fastly

Smarter Security Operations: Embracing Detection-as-Code

Schneier on Security

The Ramifications of Ukraine’s Drone Attack

Auth0

Navigating New App Store Rules: Identity Solutions for Revenue Growth

Rapid7

Rapid7 Q1 2025 Incident Response Findings

Malwarebytes

Google fixes another actively exploited vulnerability in Chrome, so update now!

Katie Knowles

Persisting Unseen: Defending against Entra ID persistence

XPN's Blog

Tokenization Confusion

Okta Security

Enabling ISO/IEC 27001:2022 Compliance with Okta

Dark Reading

35K Solar Devices Vulnerable to Potential Hijacking

Dark Reading

Vishing Crew Targets Salesforce Data

Dark Reading

How Neuroscience Can Help Us Battle 'Alert Fatigue'

Dark Reading

Researchers Bypass Deepfake Detection With Replay Attacks

Dark Reading

Attackers Impersonate Ruby Packages to Steal Sensitive Telegram Data

Dark Reading

Beware of Device Code Phishing

Bishop Fox Security

2025 Red Team Tools – C2 Frameworks, Active Directory & Network Exploitation

Ars Technica Security

Two certificate authorities booted from the good graces of Chrome

Snyk

From Risk to Resilience: Achieving HIPAA Standards in Your App

Snyk

The Future of Developer Upskilling Is Human-Led, AI-Supported

Redteam-Pentesting.de

The Ultimate Guide to Windows Coercion Techniques in 2025

Red Siege InfoSec Blog

Authentication vs. Authorization in Web App Penetration Testing

Datadog HQ

Centrally process and govern your logs in Datadog before sending them to Microsoft Sentinel

Google Safety & Security

Our latest scams survey sees changing online security habits

Searchlight Cyber

Where Does Cyber Risk Come From Within an Organization?

2025-06-03

Schneier on Security

New Linux Vulnerabilities

Auth0

Secure Java AI Agents: Authorization for RAG Using LangChain4j and Auth0 FGA

Auth0

May 2025 in Auth0: Async Auth, Real-Time Streams, and Custom Everything

Cloudflare

Building an AI Agent that puts humans in the loop with Knock and Cloudflare’s Agents SDK

Rapid7

From Ideology to Financial Gain: Exploring the Convergence from Hacktivism to Cybercrime

Rapid7

Introducing AI Attack Coverage in Exposure Command: Secure what traditional AppSec Tools miss

Malwarebytes

Scammers are constantly changing the game, but so are we. Introducing Malwarebytes Scam Guard

Malwarebytes

The North Face warns customers about potentially stolen data

Malwarebytes

Juice jacking warnings are back, with a new twist

White Knight Labs

Understanding Use-After-Free (UAF) in Windows Kernel Drivers

Microsoft Security

How Microsoft Defender for Endpoint is redefining endpoint security

Eclypsium

Verizon DBIR 2025 Key Stats: Network Device Attacks, Third Party Risk, and More

Github Security Blog

Hack the model: Build AI security skills with the GitHub Secure Code Game

Github Security Blog

DNS rebinding attacks explained: The lookup is coming from inside the house!

Amazon Security

Implementing just-in-time privileged access to AWS with Microsoft Entra and AWS IAM Identity Center

Dark Reading

How to Approach Security in the Era of AI Agents

Dark Reading

LayerX Launches ExtensionPedia

Dark Reading

TXOne Networks Introduces Capability for Intelligent Vulnerability Mitigation

Dark Reading

'Crocodilus' Sharpens Its Teeth on Android Users

Dark Reading

Victoria's Secret Delays Earnings Call Due to Cyber Incident

Dark Reading

Chrome Drops Trust for Chunghwa, Netlock Certificates

Dark Reading

LummaC2 Fractures as Acreed Malware Becomes Top Dog

Dark Reading

Is Your CISO Navigating Your Flight Path?

The Citizen Lab

The PRC Transnational Repression Efforts: Influence, Interference, and Legitimacy

Ars Technica Security

Meta and Yandex are de-anonymizing Android users’ web browsing identifiers

ReversingLabs

Why Using SCA to Build Your SBOMs is a Risky Proposition

Palo Alto Networks

Cybersecurity Challenges in the Energy and Utilities Sector